bazarbackdoor | 8569b09daf48398aceb8dc15b5105b51f675177176a0762dcb633d1245ccab25 | Triage

Submit
Reports

Overview

overview

Static

static

venom/venom.exe

windows7_x64

7

venom/venom.exe

windows10_x64

7

Sharing

General

Target

venom.rar
Size

7.4MB
Sample

211022-jgy2nabcc9
MD5

68dcee34a097ea4b65dfb34e9752dc03
SHA1

399b09123daf7151f9674255e4c5b9e1c389da0b
SHA256

8569b09daf48398aceb8dc15b5105b51f675177176a0762dcb633d1245ccab25
SHA512

fadfea393e8cbeb0989ca6533e1da0d4539f1241782b82efb3b1915595f5fcbb8a1b9aad21ee0b0bce7ab67dcd54ea747d6d1ad81689a1b4e707e2a8c191b21b

Score

10^/10

bazarbackdoor pyinstaller

Static task

static1

pyinstaller bazarbackdoor

Behavioral task

behavioral1

Sample

venom/venom.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

venom/venom.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  venom/venom.exe
- Size
  
  7.6MB
- MD5
  
  e01f059a7ae83e71425a2a8f5b8345c2
- SHA1
  
  9864dbf3fd520a290abe5ba1c82f4afc1b521779
- SHA256
  
  c0308e66398561f2918c1cbf67e596d4d5de3de7cbf91b49b98afaed7efb30fb
- SHA512
  
  6df43ea3f91eb82aaed19364c74dc3c9ddd3d112a1fa846369e78136494b588107fcc3a14e9f28c25bafa1a8c35f273c293bd1c58b9d8c7454e08a9e3187197e
Score

7^/10
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

pyinstallerbazarbackdoor

behavioral1

behavioral2

© 2018-2024

Terms | Privacy